What does the "secure hash algorithm" option specified in the Advanced tab of the ADFS relying party trust properties actually affect?
Is it a security problem that SHA1 is one of the options? If not, why not?
Screenshot: ADFS relying party properties
This blog from MS describes it as follows:
"The relying party trust in ADFS must be configured with the correct secure hash algorithm. Most SAML applications will support SHA-1 while most WS-Fed applications will support SHA-256. Go to the properties of the relying party application in ADFS and then advanced tab and pick the correct hash algorithm from the drop-down:"
Our app uses SAML, but our customers often query the use of SHA1 when I ask them to use the setting as suggested by most ADFS documentation.